| 基于Snort的IPv6入侵检测技术 |
| |
| 引用本文: | 王相林,李蓓蕾.基于Snort的IPv6入侵检测技术[J].计算机工程,2010,36(8):144-146. |
| |
| 作者姓名: | 王相林 李蓓蕾 |
| |
| 作者单位: | 杭州电子科技大学计算机学院,杭州,310018 |
| |
| 摘 要: | 针对开源入侵检测系统Snort没有提供对IPv6协议的AH和ESP扩展首部支持的问题,提出利用Snort检测ESP加密报文的解决方案。构造ESP检测规则,在Snort协议分析模块加入DecodeESP()函数并添加密钥管理模块,实现Snort对IPv6报文中ESP扩展报头的解析,管理其产生的密钥。给出一种面向ESP的入侵检测系统模型,以验证IPv6加密通信入侵检测的可行性,并给出实验验证过程。
|
| 关 键 词: | 入侵检测系统 IPv6协议 封装安全有效负载 |
| 修稿时间: | |
Intrusion Detection Technology in IPv6 Based on Snort |
| |
| WANG Xiang-lin,LI Bei-lei.Intrusion Detection Technology in IPv6 Based on Snort[J].Computer Engineering,2010,36(8):144-146. |
| |
| Authors: | WANG Xiang-lin LI Bei-lei |
| |
| Affiliation: | (Computer School, Hangzhou Dianzi University, Hangzhou 310018) |
| |
| Abstract: | Because the free NIDS Snort does not support the analysis of AH and ESP extension header in IPv6 protocol, this paper gives a solution to detect the ESP encrypted IP packets. By constructing ESP testing rules, adding DecodeESP() in Snort protocol analysis module, adding key management module, it solves the problem of anglicizing ESP extension header and the management of key. It builds a model of Intrusion Detection System(IDS) oriented ESP to solve the intrusion detection of encrypted communication in IPv6, and gives the process of the experiment. |
| |
| Keywords: | (Intrusion Detection System(IDS) IPv6 Encapsulating Security Payload(ESP |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
